SN blogs: Monitor to avoid data exfiltration

SN blogs: This week analysts discuss how to get employees to comply with BYOD policies and where to start with big data.

Consistent data monitoring is needed to avoid exfiltration

Enterprise Strategy Group (ESG) Senior Analyst Jon Oltsik says that according to an ESG survey, only 29% of organizations monitor sensitive data on a continuous basis. The other 71% do so less often, auditing data on either a weekly, monthly or quarterly basis. This lack of continuous auditing is most concerning when it comes to data exfiltration, where sensitive data is seized by hackers. Oltsik says that although it is understood that most organizations lack security personnel and budgets are always tight, it should not come as a surprise when data is stolen if it isn't being monitored.

Read a list of data security technologies that Oltsik says he believes will help support consistent data monitoring.

Ensuring compliance with BYOD policies

Current Analysis Principal Analyst Paula Musich says a recent survey done by Centrify, an identity management vendor, highlights employee indifference to BYOD policies. According to the survey, 43% of 500 employees surveyed said that they accessed sensitive data while on an unsecure public wireless network. About 15% of respondents said they felt little to no responsibility to protect locally stored data. Musich says that having employees sign lengthy policy agreements is no longer sufficient. Chief information security officers (CISO) should start having interactive security trainings to explain the consequences of careless mobile behavior. Musich also suggests getting a corporate-owned, personally enabled (COPE) program in place so that employees know from the get-go their activity is being monitored. Another tip: Ensuring that BYOD compliance is part of the employee's annual performance review.

Read the other tips Musich gives to help ensure employees comply with BYOD policies.

Where to start with big data

Gartner Managing Vice President Ian Bertram says that when you are trying to figure out what to do with big data, it is important to start with business objectives first. While many people want to start with a certain type of technology, Bertram says to first take into account the people, skills and capabilities along with the data source, architecture and infrastructure. As a starting point, Bertram suggests operation excellence, customer intimacy, new business and risk management as four key business objective categories. Once you have your business objectives in place, you can decide which technology will be most helpful in achieving your goals. Bertram says to not get caught off guard by the term "big data," because after all, it is just data.

Read why Bertram says it is important to start small when using big data.

Hyper-convergence is not the only way to reduce cost of IT operations

Virtualized Geek blogger and analyst Keith Townsend says that hyper-convergence is not the only way to reduce the cost of IT operations. While hyper-converged strategies offer ease of management and make expansion a smoother process, it is not the right avenue for all business structures. For example, having a combination of converged and non-converged systems will cancel out the benefits stemming from ease of management.  Additionally, purchasing cycles have to be aligned in order to standardize resources on a single platform. Townsend says that software-defined strategies—based on simple hardware and provisioning at the management level-- are an alternative for some businesses.

Read Townsend's examples of which strategies fit with which business models.

This was last published in May 2014

Dig Deeper on Wireless Network Security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.